Hoooly crap. Ok. I finally got it working. I concatenated the cert with the intermediate + root, and put that in the 'publicCert' value while leaving the 'ca' value empty.
10/27/2022, 9:14 PM
trying to figure this out as well... I've always hated cert work. So I'm using a windows app, CertifyTheWeb that works with my cloudflare API to perform the DNS-01 check with LetsEncrypt to grab my cert files.
This is what I have done based on what you have said but I think I may need to identify the order CertifyTheWeb puts the certificates in the .chain file cause it's not working. screen clipping of what tasks I get Certify the web to use when it exports my certs screen shotted.
or better question since I'm just using this in a lab... anyone know if self signed certs work when integrating an external rancher (2.6.9) with self signed certs work with harvester 1.1 using self signed?
10/28/2022, 4:53 PM
I had zero issues setting this up with self-signed certs as presented in the docs. And then an external rancher (also configured per their quickstart docs with self signed certs) connected without any problems.
10/28/2022, 6:08 PM
in that case.... good. Just have to mess with my own chrome things that try to prevent me from doing something stupid and either get it to forget HSTS for that host or whitelist it somehow... have to dive into the chrome flags. It's not often I have to worry about that.